Actions

Translations

Manage users/60/en: Difference between revisions

From LimeSurvey Manual

(Importing a new version from external source)
(Importing a new version from external source)
Line 3: Line 3:
* The passed username has to exist in LimeSurvey's ''users table''.
* The passed username has to exist in LimeSurvey's ''users table''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in column ''one_time_pw'' of table ''users''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using the sha256 function and will then be compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* (This should be ignored except "Both passwords have to match") The passed plain text password will be hashed using the sha256 function and will then be compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in anymore with that respective password a second time.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in anymore with that respective password a second time.
* My local LS system can't test the permissions with different accounts (my email password does not have a way to be connected).

Revision as of 16:25, 12 June 2018

Message definition (Manage users)
'''Things to watch out for:'''
* To enable this login method, the line [[Optional settings#Use_one_time_passwords|<code>'use_one_time_passwords' => true</code>]] has to be added in config.php (it is 'false' by default).
* The passed username has to exist in the LimeSurvey ''users table''.
* The one-time password (which can be set via an external application) has to be stored as [https://secure.php.net/manual/en/function.md5.php MD5 hash] in the column ''one_time_pw'' of table ''users''.
* The passed plain text password will be hashed using the sha256 function and will then compared to the stored hash in column ''one_time_pw'' of table ''users''. Both passwords have to match.
* After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in with that respective password a second time.

Things to watch out for:

  • To enable this login method, the line $use_one_time_passwords = false; has to be set true in config.php (it is 'false' by default).
  • The passed username has to exist in LimeSurvey's users table.
  • The one-time password (which can be set via an external application) has to be stored as MD5 hash in column one_time_pw of table users.
  • (This should be ignored except "Both passwords have to match") The passed plain text password will be hashed using the sha256 function and will then be compared to the stored hash in column one_time_pw of table users. Both passwords have to match.
  • After the first login with the one-time password, it gets deleted from the database. The user won't be able to log in anymore with that respective password a second time.
  • My local LS system can't test the permissions with different accounts (my email password does not have a way to be connected).
Retrieved from "http://manual.limesurvey.org/index.php?title=Translations:Manage_users/60/en&oldid=113168"